Web session parameters

Question

Hi. 
 A partner is implementing 1IM and they struggle with a use case where they need to determine the authentication method used in the 1IM web portal. The user must be authenticated using a smartcard certificate in order to be allowed certain actions in the 1IM web. 
 Below is some information from the partner: 
 "Customer is using http://www.avaintec.com/ ' s CryptoSign software that uses probably PKCS11 standard. 
 We need to request information about users login thru HTTP session. Web session should somehow tell us parameters from that CryptoSign software. i.e. there are some other software are doing that thru PKCS11. 
 We haven&rsquo;t been able to get any information about this and this is still open. Do you have any technical resources in your organization that might have any understanding how PKI and IT-shop session parameters work?" 
 
 Anyone who knows if we can parse web session parameters into 1IM? 
 
 Kind regards, 
 Ingvar

Hanno Bunjes · Accepted Answer

Hi Ingvar, 
 
The 1IM web application uses ASP.NET session state, so you can easily read and write session parameters using scripts or Webdesigner-embedded code. 
 msdn.microsoft.com/.../03sekbw5.aspx 
 
Since session state lives on the server, the question is: Is information about the client certificate available on the server? If so, how can it be accessed? 
 
HTH 
 
Hanno Bunjes